Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/qt5f6XAHUjkOK9CEjEv3rd6845Q.roa
File: qt5f6XAHUjkOK9CEjEv3rd6845Q.roa (raw, json)
Hash identifier: JhK1mHuSEOx5aV2MrmFZp4Cs5i5KltcCemHPpXmD5pI=
Subject key identifier: AA:DE:5F:E9:70:07:52:39:0E:2B:D0:84:8C:4B:F7:AD:DE:BC:E3:94
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 0194236A2FC159F202AF6A56E66FC37D846A
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/qt5f6XAHUjkOK9CEjEv3rd6845Q.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 37.221.72.0/22 maxlen: 24
37.221.72.0/24 maxlen: 24
2a09:ea00::/40 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2f:c1:59:f2:02:af:6a:56:e6:6f:c3:7d:84:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aade5fe9700752390e2bd0848c4bf7addebce394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9f:e6:5b:06:3a:99:62:4e:2b:89:8f:b1:4c:
b0:80:24:f6:1a:fc:a6:55:85:07:0c:dc:a8:2d:db:
4c:b8:8b:e5:ed:31:09:f5:9a:4b:18:1c:aa:86:be:
57:b6:8b:b0:7e:89:8b:0e:69:42:b8:b2:a5:b5:92:
18:83:5b:13:04:10:75:3a:98:dd:54:d7:da:8b:97:
31:5d:54:64:b3:f3:9c:c7:83:2c:24:00:de:e2:a1:
c9:b8:54:70:fb:29:e7:35:58:d1:6a:a2:04:47:4e:
85:86:7d:b9:df:16:d6:44:cf:c9:59:01:dd:6f:cf:
43:8e:fd:6b:48:22:53:ab:65:39:ca:d9:f2:83:0c:
63:2e:4d:be:32:6e:81:19:24:f3:86:ce:80:b2:4e:
56:13:97:dd:d9:ba:e6:1e:a4:c6:f7:fc:52:4f:b0:
db:c8:ef:17:16:27:9c:24:18:5e:70:de:23:b8:29:
53:28:ec:d5:cf:de:35:01:ba:17:24:87:35:03:4e:
aa:9e:be:d0:8a:37:f9:b7:0b:0a:af:73:37:81:38:
7c:d7:43:9a:47:2f:03:2d:4b:fe:e9:a0:0e:55:a4:
84:09:30:ba:01:39:59:fa:34:16:b4:d4:ca:a4:b3:
52:0c:49:2a:6e:56:b4:18:ba:55:cf:75:95:ee:e7:
6a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DE:5F:E9:70:07:52:39:0E:2B:D0:84:8C:4B:F7:AD:DE:BC:E3:94
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/qt5f6XAHUjkOK9CEjEv3rd6845Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
IPv6:
2a09:ea00::/40
Signature Algorithm: sha256WithRSAEncryption
40:90:34:42:fe:9f:51:86:54:c4:57:a0:74:2d:08:cd:fd:d3:
cd:f4:e0:0a:67:c4:5d:06:e2:00:b3:a5:fe:bb:f7:81:ab:b3:
fb:bb:78:4f:e2:22:ba:f4:a4:58:9b:5d:7e:36:6a:c1:14:a4:
6b:56:37:b0:60:2d:3b:40:96:62:ff:bb:d1:b9:64:d0:c4:5f:
87:ab:37:93:ae:53:db:c4:fa:48:f8:24:0e:c4:20:26:63:32:
9c:19:a4:b5:9f:ae:0e:d1:54:b0:0a:cd:0d:7d:d4:f9:8f:d6:
93:27:e1:f4:2d:5a:d6:32:de:34:f9:25:59:66:ba:17:55:9e:
4f:96:58:7c:34:9a:f2:67:11:1b:00:05:78:f8:a7:ea:4a:5d:
e1:e7:8b:47:2f:a9:1d:87:df:11:ba:4e:b8:6a:05:77:34:da:
3f:a5:a5:74:68:7c:e2:a8:9b:84:5a:e0:b3:26:17:37:8c:fe:
a2:7a:0b:7c:cc:68:b0:3f:83:76:81:e3:91:8b:fa:a5:97:9f:
b1:2a:2d:bd:65:15:b4:0b:b9:70:2a:55:6f:65:39:15:a4:53:
ae:fb:46:f8:dd:e7:14:56:f0:a1:07:79:72:bf:b4:67:f4:49:
c1:b0:56:fb:cd:8d:65:29:59:5e:5a:c1:6a:28:97:07:b6:9a:
d2:b9:2c:83
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQjai/BWfICr2pW5m/DfYRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz
Yzc1M2MwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWRlNWZlOTcwMDc1MjM5MGUyYmQwODQ4YzRiZjdhZGRlYmNlMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5/mWwY6mWJOK4mPsUywgCT2Gvym
VYUHDNyoLdtMuIvl7TEJ9ZpLGByqhr5XtouwfomLDmlCuLKltZIYg1sTBBB1Opjd
VNfai5cxXVRks/Ocx4MsJADe4qHJuFRw+ynnNVjRaqIER06Fhn253xbWRM/JWQHd
b89Djv1rSCJTq2U5ytnygwxjLk2+Mm6BGSTzhs6Ask5WE5fd2brmHqTG9/xST7Db
yO8XFiecJBhecN4juClTKOzVz941AboXJIc1A06qnr7Qijf5twsKr3M3gTh810Oa
Ry8DLUv+6aAOVaSECTC6ATlZ+jQWtNTKpLNSDEkqbla0GLpVz3WV7udqVQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKreX+lwB1I5DivQhIxL963evOOUMB8GA1UdIwQY
MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt
YjE4ZGFjMmQyNTliLzEvcXQ1ZjZYQUhVamtPSzlDRWpFdjNyZDY4NDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli
LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCJd1IMA4E
AgACMAgDBgAqCeoAADANBgkqhkiG9w0BAQsFAAOCAQEAQJA0Qv6fUYZUxFegdC0I
zf3TzfTgCmfEXQbiALOl/rv3gauz+7t4T+IiuvSkWJtdfjZqwRSka1Y3sGAtO0CW
Yv+70blk0MRfh6s3k65T28T6SPgkDsQgJmMynBmktZ+uDtFUsArNDX3U+Y/Wkyfh
9C1a1jLeNPklWWa6F1WeT5ZYfDSa8mcRGwAFePin6kpd4eeLRy+pHYffEbpOuGoF
dzTaP6WldGh84qibhFrgsyYXN4z+onoLfMxosD+DdoHjkYv6pZefsSotvWUVtAu5
cCpVb2U5FaRTrvtG+N3nFFbwoQd5cr+0Z/RJwbBW+82NZSlZXlrBaiiXB7aa0rks
gw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:14 2025 by rpki-client